Media Contact: Paloma Perez Paloma.Perez@fcc.gov For Immediate Release CHAIRWOMAN ROSENWORCEL LAUNCHES INQUIRY TO REDUCE CYBER RISKS Rosenworcel Proposes Inquiry into Vulnerabilities of Internet Global Routing System in Response to Increasing Risk of Cyber Attacks WASHINGTON, February 25, 2022—Federal Communications Commission Chairwoman Jessica Rosenworcel today shared with her colleagues a proposed action to help protect America’s communications networks against cyberattacks. Earlier this week, the Department of Homeland Security warned U.S. organizations at all levels that they could face cyber threats stemming from the Russia-Ukraine conflict. The proposal would begin an inquiry into the vulnerabilities of the Internet’s global routing system. If adopted by a vote of the full Commission, this action, called a Notice of Inquiry, would begin a proceeding by seeking public comment on vulnerabilities threatening the security and integrity of the Border Gateway Protocol (BGP), which is central to the Internet’s global routing system. The inquiry would also examine the impact of these vulnerabilities on the transmission of data through email, e-commerce, bank transactions, interconnected Voice-over Internet Protocol (VoIP), and 911 calls—and how best to address these challenges. BGP is the routing protocol used to exchange reachability information among independently managed networks on the Internet. BGP’s initial design, which remains widely deployed today, does not include explicit security features to ensure trust in this exchanged information. As a result, a bad network actor may deliberately falsify BGP reachability information to redirect traffic. Russian network operators have been suspected of exploiting BGP’s vulnerability to hijacking in the past. “BGP hijacks” can expose Americans’ personal information, enable theft, extortion, and state-level espionage, and disrupt otherwise-secure transactions. Working with its federal partners, the Commission has urged the communications sector to defend against cyber threats, while also taking measures to reinforce the nation’s readiness and to strengthen the cybersecurity of vital communications services and infrastructure, especially in light of Russia’s actions inside of Ukraine. Chairwoman Rosenworcel also recently shared with her colleagues a Notice of Proposed Rulemaking that would begin the process of strengthening the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI). The inquiry under consideration would build on those efforts. ### Media Relations: (202) 418-0500 / ASL: (844) 432-2275 / Twitter: @FCC / www.fcc.gov This is an unofficial announcement of Commission action. Release of the full text of a Commission order constitutes official action. See MCI v. FCC, 515 F.2d 385 (D.C. Cir. 1974).